Principal Consultant2022 - PRESENTSelf-employed
Technologies: Node.js, Python, Amazon Web Services (AWS), AWS, Web Security, Cloud Security, Security Testing, Secure Coding, Web App Security, Security Audits, MongoDB, Infrastructure as Code (IaC), AWS Cloud Development, AWS CloudFormation, Back-end Development, Back-end, Functional Programming, DevOps, AWS DevOps, Architecture, OpenAPI, Swagger, OAuth 2, JSON, JSON Web Tokens (JWT), PostgreSQL, Jinja, React, HTML, CSS, Flask, REST APIs, NoSQL, MySQL, SQL, Next.js, Full-stack, Full-stack Development, Technical Leadership, Terraform, Identity & Access Management (IAM), DevSecOps, Boto 3, Google Cloud Platform (GCP), Software Design, API Integration, Integration, CI/CD Pipelines, Git, GraphQL, Cloud Platforms, Engineering, Go, IT Security, Leadership, Requirements Analysis
- Helped a client build an AWS Control Tower landing zone and connected their Google Workspace identities to AWS SSO. Also helped them establish security best practices in the form of Control Tower detectives and preventive guardrails.
- Helped a client build deployment pipelines using both AWS CodePipelines and GitHub actions, all written in the AWS CDK. Also built a pipeline for the client to deploy resources to all AWS Organization accounts using CloudFormation StackSets.
- Performed forensic investigation for a security incident where a client lost access to a production S3 bucket. I gave the client detailed advice on how they should proceed from there to mitigate the incident and make sure it doesn't happen again.
- Helped a client perform a security assessment for their production AWS environment and submitted an assessment report with a list of severity-ranked findings that the client went back and addressed.
Software Development Engineer2016 - 2022Amazon Web Services (AWS)
- Developed, launched, and helped grow Amazon GuardDuty into an indispensable tool for Security Operations teams looking to secure their businesses' AWS footprint. GuardDuty is an intelligent threat detection and security monitoring service for AWS.
- Built some of GuardDuty's high-value security detections end to end, from ideation, prototyping, testing, false positive reduction, operationalization, and launch. This includes privilege escalation, reconnaissance, and unauthorized access findings.
- Created GuardDuty's multi-account functionality, allowing Security Operations teams to enable GuardDuty across all their organization's AWS accounts and aggregate findings in a central SecOps account.
- Led the development and evolution of GuardDuty's control plane, including public APIs, SDKs, and CloudFormation resources, and set standards for API launch readiness.
- Provided technical leadership and mentoring to multiple generations of GuardDuty software engineers.
Lead Software Engineer2012 - 2016Cadence Design Systems
Technologies: Electronic Design Automation (EDA), C++, Lisp, Python, Compilers, Compiler Design, Linux, Databases, Functional Programming, Architecture, JSON, HTML, CSS, Technical Leadership, Software Design, API Integration, Legacy Software, Legacy Code, Integration, Git, Engineering, Requirements Analysis, Desktop App Development
- Developed module generators, layout-only object generators such as dummies, guard rings, and polyfills, and place and route tools for the Cadence Virtuoso GXL physical layout suite.
- Built a system for the assisted routing of physical layout devices, which accelerates the effort of routing components while allowing physical layout engineers to customize specific routing parameters.
- Led module generator qualification efforts on TSMC's advanced node process design kits (PDKs), for example, TSMC 16nm and 10nm, which gave customers better confidence in adopting them.
Software Development Engineer2007 - 2012Mentor Graphics (Acquired by Siemens)
Technologies: Electronic Design Automation (EDA), C++, Python, Compilers, Compiler Design, Linux, Databases, Functional Programming, Lisp, Architecture, JSON, HTML, CSS, Technical Leadership, Software Design, API Integration, Legacy Software, Legacy Code, Integration, Engineering, Requirements Analysis, Desktop App Development
- Built compilers and automations to help the custom IC design group accelerate PDK development for the foundries' advanced technology nodes, for example, TSMC 16nm.
- Contributed to reducing the mentor's release cycle, from 7-8 weeks down to 4-5 days, for advanced node PDKs of key foundries like TSMC and GlobalFoundries.
- Represented Mentor Graphics in the OpenPDK Coalition, an open coalition aiming to define a set of open standards to allow an OpenPDK to be created once and then translated into specific EDA vendor tools and specific foundry formats.
- Trained Mentor Graphics' PDK development team on using new PDK automation systems and building foundry partnerships.